Move Nova account creation out of keystone_data.sh
Supports the coming HA/proxy configuration for Nova
Change-Id: I2baf1f51486537a1489f1376d38f5710bd96c314
diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index c8e68dd..32d4e1a 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -5,7 +5,6 @@
# Tenant User Roles
# ------------------------------------------------------------------
# service glance admin
-# service nova admin, [ResellerAdmin (swift only)]
# service quantum admin # if enabled
# service swift admin # if enabled
# service cinder admin # if enabled
@@ -53,29 +52,8 @@
# Services
# --------
-# Nova
-if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
- NOVA_USER=$(get_id keystone user-create \
- --name=nova \
- --pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
- --email=nova@example.com)
- keystone user-role-add \
- --tenant_id $SERVICE_TENANT \
- --user_id $NOVA_USER \
- --role_id $ADMIN_ROLE
- if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- NOVA_SERVICE=$(get_id keystone service-create \
- --name=nova \
- --type=compute \
- --description="Nova Compute Service")
- keystone endpoint-create \
- --region RegionOne \
- --service_id $NOVA_SERVICE \
- --publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
- --adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
- --internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
- fi
+if [[ "$ENABLED_SERVICES" =~ "n-api" ]] && [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
+ NOVA_USER=$(keystone user-list | awk "/ nova / { print \$2 }")
# Nova needs ResellerAdmin role to download images when accessing
# swift through the s3 api.
keystone user-role-add \
diff --git a/lib/nova b/lib/nova
index 3a4d34d..095c65e 100644
--- a/lib/nova
+++ b/lib/nova
@@ -277,6 +277,46 @@
fi
}
+# create_nova_accounts() - Set up common required nova accounts
+
+# Tenant User Roles
+# ------------------------------------------------------------------
+# service nova admin, [ResellerAdmin (swift only)]
+
+# Migrated from keystone_data.sh
+create_nova_accounts() {
+
+ SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
+
+ # Nova
+ if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
+ NOVA_USER=$(keystone user-create \
+ --name=nova \
+ --pass="$SERVICE_PASSWORD" \
+ --tenant_id $SERVICE_TENANT \
+ --email=nova@example.com \
+ | grep " id " | get_field 2)
+ keystone user-role-add \
+ --tenant_id $SERVICE_TENANT \
+ --user_id $NOVA_USER \
+ --role_id $ADMIN_ROLE
+ if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+ NOVA_SERVICE=$(keystone service-create \
+ --name=nova \
+ --type=compute \
+ --description="Nova Compute Service" \
+ | grep " id " | get_field 2)
+ keystone endpoint-create \
+ --region RegionOne \
+ --service_id $NOVA_SERVICE \
+ --publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
+ --adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
+ --internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
+ fi
+ fi
+}
+
# create_nova_conf() - Create a new nova.conf file
function create_nova_conf() {
# Remove legacy ``nova.conf``
diff --git a/stack.sh b/stack.sh
index b8e59bc..99ed91f 100755
--- a/stack.sh
+++ b/stack.sh
@@ -934,6 +934,7 @@
export OS_SERVICE_TOKEN=$SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
create_keystone_accounts
+ create_nova_accounts
# ``keystone_data.sh`` creates services, admin and demo users, and roles.
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \